Index: crypto/nss_key_util_unittest.cc |
diff --git a/crypto/nss_key_util_unittest.cc b/crypto/nss_key_util_unittest.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..f8de8e236bb303a6077bf43fe9bbd208ba64f227 |
--- /dev/null |
+++ b/crypto/nss_key_util_unittest.cc |
@@ -0,0 +1,87 @@ |
+// Copyright 2015 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "crypto/nss_key_util.h" |
+ |
+#include <keyhi.h> |
+#include <pk11pub.h> |
+ |
+#include <vector> |
+ |
+#include "crypto/nss_util.h" |
+#include "crypto/scoped_nss_types.h" |
+#include "testing/gtest/include/gtest/gtest.h" |
+ |
+namespace crypto { |
+ |
+class NSSKeyUtilTest : public testing::Test { |
+ public: |
+ void SetUp() override { |
+ EnsureNSSInit(); |
+ |
+ internal_slot_.reset(PK11_GetInternalSlot()); |
+ ASSERT_TRUE(internal_slot_); |
+ } |
+ |
+ PK11SlotInfo* internal_slot() { return internal_slot_.get(); } |
+ |
+ private: |
+ ScopedPK11Slot internal_slot_; |
+}; |
+ |
+TEST_F(NSSKeyUtilTest, GenerateRSAKeyPairNSS) { |
+ const int kKeySizeBits = 1024; |
+ |
+ ScopedSECKEYPublicKey public_key; |
+ ScopedSECKEYPrivateKey private_key; |
+ ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), kKeySizeBits, |
+ false /* not permanent */, &public_key, |
+ &private_key)); |
+ |
+ EXPECT_EQ(rsaKey, SECKEY_GetPublicKeyType(public_key.get())); |
+ EXPECT_EQ(rsaKey, SECKEY_GetPrivateKeyType(private_key.get())); |
+ EXPECT_EQ((kKeySizeBits + 7) / 8, |
+ PK11_GetPrivateModulusLen(private_key.get())); |
+} |
+ |
+#if defined(USE_NSS_CERTS) |
+TEST_F(NSSKeyUtilTest, FindNSSKeyFromPublicKeyInfo) { |
+ // Create an NSS keypair, which will put the keys in the user's NSSDB. |
+ ScopedSECKEYPublicKey public_key; |
+ ScopedSECKEYPrivateKey private_key; |
+ ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256, |
+ false /* not permanent */, &public_key, |
+ &private_key)); |
+ |
+ ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get())); |
+ ASSERT_TRUE(item); |
+ std::vector<uint8_t> public_key_der(item->data, item->data + item->len); |
+ |
+ ScopedSECKEYPrivateKey private_key2 = |
+ FindNSSKeyFromPublicKeyInfo(public_key_der); |
+ ASSERT_TRUE(private_key2); |
+ EXPECT_EQ(private_key->pkcs11ID, private_key2->pkcs11ID); |
+} |
+ |
+TEST_F(NSSKeyUtilTest, FailedFindNSSKeyFromPublicKeyInfo) { |
+ // Create an NSS keypair, which will put the keys in the user's NSSDB. |
+ ScopedSECKEYPublicKey public_key; |
+ ScopedSECKEYPrivateKey private_key; |
+ ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256, |
+ false /* not permanent */, &public_key, |
+ &private_key)); |
+ |
+ ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get())); |
+ ASSERT_TRUE(item); |
+ std::vector<uint8_t> public_key_der(item->data, item->data + item->len); |
+ |
+ // Remove the keys from the DB, and make sure we can't find them again. |
+ PK11_DestroyTokenObject(private_key->pkcs11Slot, private_key->pkcs11ID); |
+ PK11_DestroyTokenObject(public_key->pkcs11Slot, public_key->pkcs11ID); |
+ |
+ EXPECT_FALSE(FindNSSKeyFromPublicKeyInfo(public_key_der)); |
+} |
+#endif // defined(USE_NSS_CERTS) |
+ |
+} // namespace crypto |